wildcard domain

[gitmacer]

is it possible or can it be added to redirect the wildcard entrie?

.*.mydomain.de. IN TXT forward-domain=https://example.com
is resulting in
"The TXT record data for ".test.mydomain.de" is missing"

[willnode]

I don't think it will be ever supported since HTTPS verification can be technically difficult. What's your usecase here?

[gitmacer]

HTTPS verification looks already great to me.
For example:
_.test
TXT
forward-domain=https://example.com/*

With a wildcard Record is already working.

I propose to further reduce the complexity of the DNS setup and maintenance efforts.

If you want to setup an alternative domain you would only need

_.*.gs.short.de
IN TXT
base-domain=gs.short.de; forward-domain=https://greatsite.com

And it should redirect
site1.gs.short.de to site1.greatsite.com
and
123.gs.short.de to 123.greatsite.com

With updating the subdomains on the greatsite.com domain the alternative domains would be working without change.

I propose base-domain to specify if/which subdomain should get attached. None if base-domain not provided.

[willnode]

Just want to make sure, we can set _.*.gs.short.de TXT record and set *.gs.short.de CNAME record already? I never thought we can set wildcard in middle of dot labels. I need to read it somewhere.

[gitmacer]

I noticed * in middle of dot labels is settable but isn't actually supported.
txtdirect.org is using "_" as wildcard.

An sufficient and simpler solution would be to simply search for the first forward-domain entry in the domain path and attach the
subdomainpath to it.

Wildcard CNAME is supported by most registrars. And wildcard A is definitely no problem. Cludflare for example: https://developers.cloudflare.com/dns/manage-dns-records/reference/wildcard-dns-records/

_.gs.short.de
TXT
forward-domain=https://greatsite.com/

gs.short.de
CNAME
r.forwarddomain.net

*.gs.short.de
CNAME
r.forwarddomain.net

is enough to redirect
gs.short.de to greatsite.com
and
site1.gs.short.de to site1.greatsite.com
and
123.gs.short.de to 123.greatsite.com
and
321.123.gs.short.de to 321.123.greatsite.com
...

[willnode]

OK I understand. Although I'd already say there's a tough challenge. We have to turn this software to also be a DNS resolver so DNS validation for wildcard works (so acme dns challenge works).

This is might be possible but significant development time is needed as I have to implement a DNS resolver too. Also, a robust design of how we can provide the TXT record of this also needed (lesser DNS talks and an approach to recursive domain resolving).

[willnode]

Just for clarification, it's technically possible to stick with current HTTP validation to Let's Encrypt but I would reject the idea. If you set a wildcard record then we must do wildcard ssl too, otherwise we would face other problems like hitting Let's encrypt rate limit.